Premium

AWS Certified Developer - Associate Questions and Answers (Dumps and Practice Questions)



Question : Restarting an instance in AWS VPC, retains the same primary private IP address ?
: Restarting an instance in AWS VPC, retains the same primary private IP address ?
1. Yes, It keeps the same primary private IP address
2. No, It does not keep the same primary private IP address
 3. Access Mostly Uused Products by 50000+ Subscribers
4. None of the above is correct


Correct Answer : Get Lastest Questions and Answer :

For instances launched in a VPC, a private IP address remains associated with the network interface when the instance is stopped and restarted, and is released when the instance is terminated.
But
For instances launched in EC2-Classic, a private IP address is associated with the instance until it is stopped or terminated.





Question :

For the CloudFormation once you have been created the resources, which one of the following you can use to identify resources
outside of AWS CloudFormation templates,
:
1. Template
2. Stack ID
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Logical IDs

Correct Answer : Get Lastest Questions and Answer :
In the Resources sections of a template, you declare the AWS resources that you want AWS CloudFormation to manage, such as an Amazon EC2 instance or an Amazon S3 bucket. All templates must declare a Resources section with at least one resource. You must declare each resource separately; however, you can specify multiple resources of the same type.

Each resource declaration includes three parts:

A logical name that is unique within the template

A resource type

Properties for that resource

You use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store to an Amazon EC2 instance, you reference the logical IDs of both the block stores and the instance to specify the mapping. Logical names must be alphanumeric (A-Za-z0-9). For a list of all the resource types.

In addition to the logical ID, certain resources also have a physical ID, which is the actual assigned name for that resource, such as an Amazon EC2 instance ID or an Amazon S3 bucket name. You use the physical IDs to identify resources outside of AWS CloudFormation templates, but only after the resources have been created. For example, you might give an Amazon EC2 instance resource a logical ID of MyEC2Instance; but when AWS CloudFormation creates the instance, AWS CloudFormation automatically generates and assigns a physical ID (such as i-28f9ba55) to the instance. You can use this physical ID to identify the instance and view its properties (such as the DNS name) by using the Amazon EC2 console. For resources that support custom names, you can assign your own names (physical IDs) to help you quickly identify resources. For example, you can name an Amazon S3 bucket that stores logs as MyPerformanceLogs




Question :

In VPC for Your Customer Gateway, to establish ephemeral keys to secure all communication between your customer gateway and the virutal private gateway IKE uses

:
1. Utilize the AES 128-bit encryption function
2. Utilize IPsec Dead Peer Detection
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Diffie-Hellman Perfect Forward Secrecy in "Group 2" mode


Correct Answer : Get Lastest Questions and Answer :

Explanation: IKE(Internet Key Exchange IKE) uses Diffie-Hellman to establish ephemeral keys to secure all communication between customer gateways and VPN gateways.

Related Questions

Question : With IAM, you can


 : With IAM, you can
1. centrally manage users
2. manage security credentials such as access keys
3. Access Mostly Uused Products by 50000+ Subscribers
4. 1 and 3
5. 1,2 and 3


Question :

In which of the following scenerio IAM migration is not possible


 :
1. If Your organization has just a single AWS account.
2. If Your organization has multiple AWS accounts, with each AWS account belonging to a division in the organization
 3. Access Mostly Uused Products by 50000+ Subscribers
4. None of the above


Question : Select the correct statement for the IAM ?

 : Select the correct statement for the IAM ?
1. The organization need to have an individual AWS account per employee
2. AWS resources that your organization has already created can be moved to a different AWS account
 3. Access Mostly Uused Products by 50000+ Subscribers
4. 1 and 2
5. 2 and 3



Question : Which of the following is incoorect ARNs for different types of IAM resources
 : Which of the following is incoorect ARNs for different types of IAM resources
1. arn:aws:iam::123456789012:root
2. arn:aws:iam::123456789012:user/Bob
 3. Access Mostly Uused Products by 50000+ Subscribers
4. arn:aws:iam:123:456789012:group/Developers
5. arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_A/Developers



Question :

The following example shows a policy you could assign to Bob to allow him to manage his own access keys

{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["iam:*AccessKey*"],
"Resource": "arn:aws:iam::ACCOUNT-ID-WITHOUT-HYPHENS:user/division_abc/subdivision_xyz/Bob"
}]
}

What is the resource in this example


 :
1. iam
2. ACCOUNT-ID-WITHOUT-HYPHENS
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Resource is not correctly defined
5. Bob


Question : A corporate web application is deployed within an Amazon VPC, and is connected to the corporate data center via IPSec VPN. The application must authenticate against the
onpremise LDAP server. Once authenticated, logged-in users can only access an S3 keyspace specific to the user. Which two approaches can satisfy the objectives? Choose 2 answers

A. The application authenticates against LDAP. The application then calls the IAM Security Service to login to IAM using the LDAP credentials. The application can use the IAM
temporary credentials to access the appropriate S3 bucket.
B. The application authenticates against LDAP, and retrieves the name of an IAM role associated with the user. The application then calls the IAM Security Token Service to
assume that IAM Role. The application can use the temporary credentials to access the appropriate S3 bucket.
C. The application authenticates against IAM Security Token Service using the LDAP credentials. The application uses those temporary AWS security credentials to access the
appropriate S3 bucket.
D. Develop an identity broker which authenticates against LDAP, and then calls IAM Security Token Service to get IAM federated user credentials. The application calls the
identity broker to get IAM federated user credentials with access to the appropriate S3 bucket.
E. Develop an identity broker which authenticates against IAM Security Token Service to assume an IAM Role to get temporary AWS security credentials. The application calls the
identity broker to get AWS temporary security credentials with access to the appropriate S3 bucket.

 : A corporate web application is deployed within an Amazon VPC, and is connected to the corporate data center via IPSec VPN. The application must authenticate against the
1. A,B
2. B,C
 3. Access Mostly Uused Products by 50000+ Subscribers
4. B,D
5. A,E